In the PRISM Era, Is Your Information Safe?

On September 11th, 2001, terrorists boarded two airplanes, subdued the pilots, took over the aircraft, and then rammed them into the World Trade Center, instantly killing thousands. This marked an important turning point in the U.S. war against terror, one that would see the government take a more aggressive approach towards locating terrorists and staving off future attacks. The PRISM program is one of the many results.

Designed for the government, PRISM is the name of the computer system built to handle the huge amount of foreign intelligence data collected by the National Security Agency (NSA). Its existence remained a secret until it was revealed by NSA whistleblower, Edward Snowden. Snowden is currently on the run and is believed to be in Hong Kong.

According to a Time Magazine poll, 54% of respondents felt that Snowden was right to release the information, while 30% disagreed. Government officials hold that the NSA’s programs are necessary to prevent terror attacks. According to The Independent, the NSA claims that at least 50 plots have been prevented using secret surveillance since the attacks of 9/11. The PRISM program appears to be a double-edged sword between liberty and security.

How Effective is PRISM?

PRISM is frighteningly effective. A document leaked by Snowden reveals just how powerful the PRISM system has become. According to the fact sheet released, the NSA collected close to 97 billion pieces of intelligence from computer networks across the world in March alone.

The NSA’s data mining is accessed through telephone and computer networks. The distribution of this collection is varied across different countries. Iran led the list with more than 14 billion reports collected, followed by Pakistan (13.5 billion), Jordan (12.7 billion), Egypt (7.6 billion), and India (6.3 billion).

However, what surprised many wasn’t the fact that the NSA was keeping tabs on other countries. Instead, it was the fact that the Agency had an effective tool that it could use in recording and analyzing the sources of incoming intelligence. This went completely against the Agency’s earlier claims to Congress that it lacked the tools needed to track the scope and results of its surveillance.

So How Safe Are You?

It has been said that the road to hell is paved with good intentions. Only a few months before the leak, in a meeting with the Senate Intelligence Committee, James Clapper, the Director of National Intelligence, was asked if the NSA collected any data on millions of Americans.

Clapper’s reply was a simple “No, sir.”

His response was understandable. When PRISM was set up, the government laid down very strict rules on how it could be used and who could be targeted. A major clause was that PRISM could only be used to target foreign nationals outside the country, which, we have learned, was not the case.

Among the many restrictions, the NSA is restricted from violating the Fourth Amendment rights of citizens by intentionally acquiring information from citizens located within the country and targeting people living within the country.

These restrictions were set in place to ward off concerns from citizens that the intelligence system could be turned to spy on the very people it was designed to protect. Those fears appear to be justified. Despite Clapper’s denials, evidence seems to indicate that the NSA does in fact spy on citizens.

According to the leaked documents, the agency collected close to three billion pieces of information from U.S. computer networks in March alone. That’s information mined from phones, servers, and computers within the country. The agency has also been collecting the phone records of over 100 million citizens. Unsurprisingly, this revelation was not well received by millions of people across the country.

Granted, it all sounds terribly worrying, but there’s an important technical point to note. The web doesn’t function with the same physical dimensions as the real world.

For instance, if you were to send an email from Seattle to New York, your email wouldn’t step out the door, catch a flight, and head straight to the Big Apple. Instead, what happens is that your email is broken into data packets, which are sent through international gateway switches, which could be located anywhere in the world. In other words, if the NSA was monitoring servers in a country like Israel or Finland, and could pick up data packets originating from the U.S. without exactly setting out to do so.

What Internet Sources Are the NSA Tapping Into?

According to the Washington Post, the NSA and FBI are tapping directly into nine leading U.S. Internet companies, extracting the following information: audio chats, video chats, photographs, emails, documents, and connection logs for tracking foreign targets.

Naturally, there are rules in place and companies cannot be forced to hand over information simply because it is asked for.

The Yahoo! / Google Debate

The outcry against the NSA’s snooping actions reached a new high after Yahoo! revealed that the company, along with a dozen others, had been forced to turn over information to the NSA. But it is important to note that Google and Yahoo! weren’t forced to turn over all the information they had to the government. Despite its position, the NSA cannot randomly ask for information whenever they want. In order for this to happen, the Agency requires a subpoena, and in order to get that, they need to show a valid reason why it is necessary.

It also helps to study part of the reason behind the NSA’s request. Shortly after the introduction of PRISM, terrorists around the world realized that the emails they sent could be monitored very easily, so they came up with a new system. Instead of sending emails, they created a virtual dead drop.

Essentially, one terrorist would create an email account, write an email, and then save it as a draft without sending it. Another terrorist in a different part of the world could then access the mailbox using the provided login information, read the saved draft, and then delete the account. Tactics such as these forced the NSA to revisit its strategy of monitoring digital data and enlist the services of tech companies.

Is the NSA After You?

In the end, that is perhaps the most important question. Given the resources and weight behind the agency, the NSA can access your information if it has a reason to. The simple solution is not to give the Agency a reason. Truth be told, the NSA is unlikely to start snooping through your mail to check your porn subscriptions or determine if you are having an affair. This is not the reason PRISM was created. However, if you are currently involved or have had reason to be involved with identified threats, you are likely to become a target.

The debate about the legalities surrounding the PRISM system is certain to drag on for months, possibly even years. The government has the unenviable task of balancing the need for an effective intelligence system against the moral and constitutional complexities surrounding the average citizen’s right of privacy.

It is unlikely that the PRISM system will be altered. Instead, what is more likely is that people will begin to pay more attention to their digital footprints. Regardless of what happens, like the fateful events of the 9/11 attacks, the dawn of the PRISM era ensures that the world is set for a change—this time, digitally.